LoanCare Breach Exposes Sensitive Real Estate Data

Fidelity National Financial, a major player in the real estate insurance sector, encountered a cybersecurity incident. Its subsidiary, LoanCare, a leading provider of loan servicing solutions, reported the data breach of 1,316,938 individuals following a hacker attack in November.

The situation escalated rapidly on November 19, when LoanCare detected unauthorized access to the systems of its parent company. According to the firm’s statement, the hackers gained access to clients’ names, addresses, social security numbers, and loan numbers.

Fidelity National Financial, which owns numerous regional insurance companies, promptly took action: notifying law enforcement and government agencies, initiating an investigation, and engaging cybersecurity experts. Although the incident was contained, the hackers managed to extract data. Affected individuals are offered two years of digital identity protection services from Kroll.

Real estate agents, homebuyers, and other transaction participants found themselves in a predicament for several days following the attack, as home sales could not be finalized. The responsibility for the attack was claimed by the ALPHV (BlackCat) group.

Shortly after the attack, the group’s leak site, along with its entire infrastructure, was seized by the FBI and other law enforcement agencies in an international operation against cybercrime.

In the context of widespread attacks on financial institutions in the autumn of this year, the Cybersecurity and Infrastructure Security Agency (CISA) notes that groups affiliated with ALPHV compromised over 1,000 entities, predominantly in the USA, demanded over $500 million in ransom, and received about $300 million.

The incident highlights not only the vulnerability of large financial institutions to cyber threats but also the importance of protecting clients’ data in the digital era.